A GitHub Action that deploys source code to Google Cloud Functions.

Home Page: https://cloud.google.com/functions

License: Apache License 2.0

JavaScript 3.05% TypeScript 95.52% Shell 1.43%

actions cloud-functions gcf gcp github-actions google-cloud google-cloud-functions google-cloud-platform

deploy-cloud-functions's People

Contributors

Stargazers

Watchers

deploy-cloud-functions's Issues

Support for Google Cloud Source Repository as source for the function or allow empty source_dir

TL;DR

It's not possible to leave source_dir empty and just use the existing source directory that is set on the function currently. If source_dir is left empty, I get an error message on the GCF side:

FileNotFoundError: [Errno 2] No such file or directory: '/user_code/main.py'

If I pass the actual path to the repository, I get the following error message in my GitHub Action:

Unable to find https://source.developers.google.com/projects/xxx/repos/github_xxx/moveable-aliases/master/paths/

My current yaml looks like this:

name: Deploy to GCF (dev)
on: workflow_dispatch

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    if: github.actor == 'xxx' && github.ref == 'refs/heads/master'

    steps:
      - uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: xxx
          entry_point: xxx
          memory_mb: 512
          timeout: 540

          source_dir: https://source.developers.google.com/projects/xxx/repos/github_xxx/moveable-aliases/master/paths/
          region: europe-west2
          runtime: python37
          credentials: ${{ secrets.GCLOUD_CREDENTIALS }}

Design

It would be nice to be able to leave this parameter empty. Or, if you are able to figure out why I can't seem to get this to work, it would be much appreciated.

deploy-cloud-functions reports error when deploying function with cloud.firestore event trigger

TL;DR

When using deploy-cloud-functions to deploy a function with a cloud.firestore event trigger the github action fails with Error: Cannot read property 'url' of undefined. Although an error is shown the function deploys correctly.

Expected behavior
The action should report a success

Observed behavior
The action reports a failure:

Warning: Unexpected input(s) 'region', valid inputs are ['credentials', 'name', 'description', 'project_id', 'source_dir', 'env_vars', 'entry_point', 'runtime', 'vpc_connector', 'service_account_email', 'timeout', 'max_instances', 'event_trigger_type', 'event_trigger_resource', 'event_trigger_service']
Run GoogleCloudPlatform/github-actions/deploy-cloud-functions@master
  with:
    name: new_order
    region: australia-southeast1
    description: send email on new order
    source_dir: functions/new_order
    entry_point: main
    runtime: python38
    event_trigger_type: providers/cloud.firestore/eventTypes/document.create
    event_trigger_resource: projects/***/databases/(default)/documents/orders/***store_id***/orders/***order_id***
    env_vars: SG_SEND_API_KEY=***
  env:
    CLOUDSDK_METRICS_ENVIRONMENT: github-actions-setup-gcloud
    GCLOUD_PROJECT: ***
    GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/wholesale-web/wholesale-web/a6c0041a-5edd-4db0-a53c-50c9681719f2
Setting project Id from $GCLOUD_PROJECT
Creating a new function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Creating function deployment
Function deployment created
Error: Cannot read property 'url' of undefined

Note: the warning is not the issue.

Reproduction

Action YAML

name: Deploy Functions [PROD]

on:
  push:
    branches: [ master ]
    paths:
      - 'functions/**'

jobs:
  deploy_functions:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
        with:
          version: '290.0.1'
          project_id: '${{ secrets.GC_PROJECT_ID_PROD }}'
          service_account_key: ${{ secrets.GC_UPLOAD_FUNCTIONS_PROD }}
          export_default_credentials: true
        
      # The following works without errors
      - id: deploy_test
        uses: GoogleCloudPlatform/github-actions/deploy-cloud-functions@master
        with:
          name: python_test
          region: australia-southeast1
          description: 'a simple test function'
          source_dir: functions/test
          entry_point: hello_world
          runtime: python38

      # The following deploys OK but shows an error in the actions log
      # REF: https://cloud.google.com/functions/docs/calling/cloud-firestore
      - id: deploy_new_order
        uses: GoogleCloudPlatform/github-actions/deploy-cloud-functions@master
        with:
          name: new_order
          region: australia-southeast1
          description: 'send email on new order'
          source_dir: functions/new_order
          entry_point: main
          runtime: python38
          event_trigger_type: 'providers/cloud.firestore/eventTypes/document.create'
          event_trigger_resource: 'projects/${{ secrets.GC_PROJECT_ID_PROD }}/databases/(default)/documents/orders/{store_id}/orders/{order_id}'
          env_vars: 'SG_SEND_API_KEY=${{ secrets.SG_SEND_API_KEY }}'

Additional information
The new_order python function deploys fine and works as expected.

At a guess the issue is here: https://github.com/google-github-actions/deploy-cloud-functions/blob/main/src/main.ts#L64
As perhaps some functions do not have a defined httpsTrigger?

Use hardcoded file list for zip file unit tests

TL;DR

Replace getNonIgnoredFiles with a hardcoded list for easier test debugging and readability.

Detailed design

No response

Additional information

No response

.gcloudignore is not recognized.

TL;DR

.gcloudignore is not recognized.

Expected behavior

I believe that the files written in .gcloudignore are not to be deployed to cloud functions.

Observed behavior

When I deployed using deploy-cloud-functions, files that should have been written in .gcloudignore were also deployed.This was confirmed by downloading the zip file of the source code from cloud-functions on the web.

Reproduction

Action YAML

name: deploy

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:

  build:

    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2
      
      - uses: GoogleCloudPlatform/github-actions/deploy-cloud-functions@master
        with:
          name: notice-seat-availability
          runtime: python38
          credentials: ${{ secrets.gcp_credentials }}
          entry_point: run
          region: asia-northeast1
          source_dir: .        
          env_vars: LINE_CHANNEL_ACCESS_TOKEN=${{ secrets.LINE_CHANNEL_ACCESS_TOKEN }}

Repository

https://github.com/akishima-ensis/notice-seat-availability

Support using secrets

TL;DR

It would be great if this action supports passing the secret as an environment variable or mounting the secret as a volume.

Design

Action YAML

steps:
- uses: actions/checkout@v2
- id: deploy
  uses: google-github-actions/deploy-cloud-functions@main
  with:
    name: my-function
    runtime: nodejs10
    credentials: ${{ secrets.gcp_credentials }}
    secrets: |
      ENV_VAR=SECRET:VERSION
      ENV_VAR=projects/PROJECT_ID/secrets/SECRET:VERSION
      ENV_VAR=projects/PROJECT_ID/secrets/SECRET/versions/VERSION
      /SECRET_PATH=SECRET:VERSION
      /MOUNT_PATH:/SECRET_PATH=SECRET:VERSION

Resources

Environment variable values containing a "=" are cut off

TL;DR

Using the env_vars input parameter, environment variable values that contain equals signs are cut off. This started to happen last week when the parsing method changed from indexOf to split.

Expected behavior

Given the input FOO=bar=baz. the value of FOO should be bar=baz.

Observed behavior

The value is bar.

Action YAML

- name: Deploy
  uses: google-github-actions/[email protected]
  with:
    env_vars: CONN=DefaultEndpointsProtocol=https;AccountName=foo;AccountKey=bar

Additional information

If split is preferred over indexOf, the following code should have the desired effect:

let [k, v] = pair.split((/=(.*)/), 2);

Memory allocation

TL;DR

Add the possibility to declare the memory allocated to said function like in CLI.

Design

Action YAML

 with:
    name: my-function
    runtime: nodejs10
    credentials: ${{ secrets.gcp_credentials }}
    memory: 128MB

Resources

SDK Gcloud Deploy - Memory

Additional information

Support for vpc_connector_egress_settings

Question

i'm getting following warning on adding vpc_connector_egress_settings flag in my action file

Warning: Unexpected input(s) 'vpc_connector_egress_settings', valid inputs are ['credentials', 'name', 'description', 'project_id', 'region', 'source_dir', 'env_vars', 'env_vars_file', 'labels', 'entry_point', 'runtime', 'memory_mb', 'vpc_connector', 'service_account_email', 'timeout', 'max_instances', 'event_trigger_type', 'event_trigger_resource', 'event_trigger_service']

I just wanted to confirm if this option is still supported.

Consider dropping googleapis dependency

From @bharathkkb:

@sethvargo I believe its googleapis which why I skipped using it for get-gke-creds action. ncc build src/main.ts -e googleapis should give you a smaller build. googleapis was unused in deploy-cloudrun (removed in google-github-actions/deploy-cloudrun@892038b) so I think ncc might have done some tree shaking?

If we can decrease the size by 95% by copy-pasting a few LOC, that seems like a worthwhile investment given how many times the Action is downloaded.

Originally posted by @bharathkkb in #204 (comment)

Semantics of action changed

TL;DR

With the latest changes, certain settings are now handled differently, which is a breaking change.
For example it seems timeout can no longer be provided as pure number.
The error is:

"message": "Invalid value at 'function.timeout' (type.googleapis.com/google.protobuf.Duration), Field 'timeout', Illegal duration format; duration must end with 's'",

Expected behavior

No response

Observed behavior

No response

Action YAML

-   id: Deploy
                uses: google-github-actions/deploy-cloud-functions@main
                with:
                    timeout: 540

Additional information

No response

Could you improve the documentation of the trigger inputs please? (especially pubsub)

Question

As an example - I am trying to implement the equivalent of gcloud command

gcloud functions deploy my-function \
  --runtime go113  \
  --trigger-topic=some_topic \
  --service-account=$CLOUD_FUNCTION_SA_EMAIL \
  --project $PROJECT_ID \
  --entry-point MyEntrypoint \
  --set-env-vars PROJECT_ID=$PROJECT_ID,REPLAY_TOPIC_ID=$REPLAY_TOPIC_ID,BUCKET_NAME=$BUCKET_NAME  \
  --region $REGION \
  --memory 256 \
  --timeout 60 \
  --max-instances 100 \
  --quiet

Documentation issues:

event_trigger_type: (Optional) Specifies which action should trigger the function. Defaults to creation of http trigger.

OK, so what are the other trigger types? There is not a direct mapping of gcloud flag to action input here so its pure guesswork. What should I use for the equivalent of --trigger-topic=some_topic ?

I crawled around your issues until I found a maybe solution of :

event_trigger_type: google.pubsub.topic.publish
event_trigger_resource: projects/$PROJECT_ID/topics/$PDH_TOPIC_ID
event_trigger_service: pubsub.googleapis.com

This worked it seemed - but as these seem to be legacy flags - I am not sure for how long or if there is a simpler / shorter set of values that could be used

No care about memory_mb input

TL;DR

memory_mb input is not apply

Expected behavior

memory_mb input is apply

Observed behavior

default value is apply

Reproduction

Action YAML

# Paste your complete GitHub Actions YAML here, removing
# any sensitive values.
- name: Set up Cloud SDK
  uses: google-github-actions/setup-gcloud@master
  with:
    project_id: ${{ steps.secrets.outputs.GCP_LZ_UAT }}
    service_account_key: ${{ steps.secrets.outputs.GCP_SA_KEY }}
    export_default_credentials: true
- id: deploy
  uses: google-github-actions/deploy-cloud-functions@main
  with:
    project_id: ${{ steps.secrets.outputs.GCP_LZ_UAT }}
    name: ${{ steps.secrets.outputs.FUNCTION_NAME }}
    runtime: ${{ steps.secrets.outputs.RUNTIME }}
    entry_point: ${{ steps.secrets.outputs.ENTRY_POINT }}
    memory_mb: 4096MB
    region: ${{ steps.secrets.outputs.REGION }}
    vpc_connector: ${{ steps.secrets.outputs.VPC_CONNECTOR }}
    vpc_connector_egress_settings: ${{ steps.secrets.outputs.VPC_CONNECTOR_EGRESS_SETTINGS }}
    ingress_settings: ${{ steps.secrets.outputs.INGRESS_SETTINGS }}
    event_trigger_type: ${{ steps.secrets.outputs.EVENT_TRIGGER_TYPE }}
    event_trigger_resource: ${{ steps.secrets.outputs.EVENT_TRIGGER_RESOURCE }}
    event_trigger_service: ${{ steps.secrets.outputs.EVENT_TRIGGER_SERVICE }}
    labels: ${{ steps.secrets.outputs.LABELS }}
    service_account_email: ${{ steps.secrets.outputs.SA_MAIL }}

e2e test for event function

Current method of testing HTTP function sends a request to the function endpoint to confirm successful deployment. However for event functions, this is not possible as they are triggered by events and require another test to verify successful deployment.

Add Option to Specify Retry for Event-Driven Functions

TL;DR

There should be a way to configure retries for event-driven functions. Currently there is no way to set this as far as I can tell.

Design

Action YAML

steps:
- uses: actions/checkout@v2
- id: deploy
  uses: google-github-actions/deploy-cloud-functions@main
  with:
    name: my-function
    runtime: nodejs10
    credentials: ${{ secrets.gcp_credentials }}
    event_trigger_type: google.pubsub.topic.publish
    event_trigger_resource: projects/my-project/topics/my-topic
    event_trigger_retry: true

Resources

Retrying Event-Driven Functions

Error deploying function - step freezes

TL;DR

Getting timeout on deployment
Expected behavior
Function deployed

Observed behavior
Action hanged 1 hour before timeout, everything was working normal days ago, I had to use an older commit to deploy this function successfully.

FATAL ERROR: Ineffective mark-compacts near heap limit Allocation failed - JavaScript heap out of memory

<--- Last few GCs --->

[1924:0x345b0e0]  4663163 ms: Mark-sweep 2034.7 (2050.7) -> 2034.5 (2051.2) MB, 3339.9 / 0.1 ms  (average mu = 0.091, current mu = 0.001) allocation failure scavenge might not succeed
[1924:0x345b0e0]  4666496 ms: Mark-sweep 2035.3 (2051.2) -> 2035.3 (2052.0) MB, 3329.7 / 0.1 ms  (average mu = 0.047, current mu = 0.001) allocation failure scavenge might not succeed


<--- JS stacktrace --->

 1: 0x9da7c0 node::Abort() [/home/runner/runners/2.278.0/externals/node12/bin/node]
 2: 0x9db976 node::OnFatalError(char const*, char const*) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 3: 0xb39f1e v8::Utils::ReportOOMFailure(v8::internal::Isolate*, char const*, bool) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 4: 0xb3a299 v8::internal::V8::FatalProcessOutOfMemory(v8::internal::Isolate*, char const*, bool) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 5: 0xce5635  [/home/runner/runners/2.278.0/externals/node12/bin/node]
 6: 0xce5cc6 v8::internal::Heap::RecomputeLimits(v8::internal::GarbageCollector) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 7: 0xcf1b5a v8::internal::Heap::PerformGarbageCollection(v8::internal::GarbageCollector, v8::GCCallbackFlags) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 8: 0xcf2a65 v8::internal::Heap::CollectGarbage(v8::internal::AllocationSpace, v8::internal::GarbageCollectionReason, v8::GCCallbackFlags) [/home/runner/runners/2.278.0/externals/node12/bin/node]
 9: 0xcf5478 v8::internal::Heap::AllocateRawWithRetryOrFail(int, v8::internal::AllocationType, v8::internal::AllocationAlignment) [/home/runner/runners/2.278.0/externals/node12/bin/node]
10: 0xcc30c6 v8::internal::Factory::NewRawOneByteString(int, v8::internal::AllocationType) [/home/runner/runners/2.278.0/externals/node12/bin/node]
11: 0xcc387d v8::internal::Factory::NewStringFromUtf8(v8::internal::Vector<char const> const&, v8::internal::AllocationType) [/home/runner/runners/2.278.0/externals/node12/bin/node]
12: 0xb5239f v8::String::NewFromUtf8(v8::Isolate*, char const*, v8::NewStringType, int) [/home/runner/runners/2.278.0/externals/node12/bin/node]
13: 0xa93150 node::StringBytes::Encode(v8::Isolate*, char const*, node::encoding, v8::Local<v8::Value>*) [/home/runner/runners/2.278.0/externals/node12/bin/node]
14: 0x9e9d99 node::fs::AfterScanDirWithTypes(uv_fs_s*) [/home/runner/runners/2.278.0/externals/node12/bin/node]
15: 0x12d21f5  [/home/runner/runners/2.278.0/externals/node12/bin/node]
16: 0x12d66e1  [/home/runner/runners/2.278.0/externals/node12/bin/node]
17: 0x12e8ce8  [/home/runner/runners/2.278.0/externals/node12/bin/node]
18: 0x12d706b uv_run [/home/runner/runners/2.278.0/externals/node12/bin/node]
19: 0xa1c9b7 node::NodeMainInstance::Run() [/home/runner/runners/2.278.0/externals/node12/bin/node]
20: 0x9ac928 node::Start(int, char**) [/home/runner/runners/2.278.0/externals/node12/bin/node]
21: 0x7f868588a0b3 __libc_start_main [/lib/x86_64-linux-gnu/libc.so.6]
22: 0x94a055  [/home/runner/runners/2.278.0/externals/node12/bin/node]

Reproduction

Action YAML

name: Deploy Function
on: 
  push:
    branches:
      - master
      - develop
jobs:
  build:
    name: Build Node ${{ matrix.node }} and {{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        node: ['14.x']
        os: [ubuntu-latest]
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Use Node
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node }}
      - name: Install deps and build (with cache)
        uses: bahmutov/npm-install@v1
      - name: Build
        run: yarn compile
      - name: Set branch-based environment variables
        uses: iamtheyammer/[email protected]
        with:
          FUNCTION_NAME: |
            master:xxxxxxx
            develop:xxxxxxx-dev
          ENV_VARS: |
            master: ${{ secrets.ENV_VARS_MASTER}}
            develop: ${{ secrets.ENV_VARS_DEVELOP}}
      - id: deploy
        uses: google-github-actions/deploy-cloud-functions@main
        with:
          project_id: xxxxxxxxx
          name: ${{ env.FUNCTION_NAME }}
          entry_point: xxxxxxxxx
          runtime: nodejs14
          credentials: ${{ secrets.GCP_SECRET }}
          region: europe-west3
          memory_mb: 512MB
          env_vars: ${{ env.ENV_VARS }}

Increase function deploy timeout

My function deployments tend to fail flakily (e.g. https://github.com/k0swe/kellog-func/actions/runs/561572062) due to timing out here. The actual GCP deployment finishes successfully, but the GitHub workflow fails at this action. Can we increase or customize that timeout?

Error: The request has errors (PubSub Topic triggers)

I believe I included all required fields.

Cloud Functions API is enabled and the calling credentials have the Cloud Functions Admin and Service Account User role.

Deploying GCF gets GitHub Action stuck in infinite loop

Question

Apologies if I'm doing something wrong. But I followed all of the documentation here and here; am trying to also deploy my GCF (a function called UpdateMemberMetrics) after my GAE deploys. The GitHub Action deploys my GAE fine but then when it goes to deploy my GCF, it gets stuck in this weird infinite loop that I need to cancel the workflow on manually:

FWIW, the GCF itself deploys fine. When I check the console, it's there and has only incremented one version:

My GitHub Action yaml:

on:
  push:
    branches:
      - main

name: Deploy to Google App Engine PROD

jobs:
  deploy:
    environment: prod
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Deploy to App Engine
        id: deploy
        uses: google-github-actions/[email protected]
        with:
          deliverables: app.yaml
          project_id: ${{ secrets.GCP_PROJECT }}
          credentials: ${{ secrets.GCP_SA_KEY }}

      - name: Deploy Google Cloud Functions
        id: deploy-gcf
        uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: UpdateMemberMetrics
          runtime: go113
          env_vars_file: cloudfunctions.yaml
          project_id: ${{ secrets.GCF_PROJECT }}
          credentials: ${{ secrets.GCP_SA_KEY }}
          event_trigger_type: google.pubsub.topic.publish
          event_trigger_resource: ${{ secrets.TOPIC }}
          event_trigger_service: pubsub.googleapis.com

Am I doing something wrong?

(Btw-- when I run gcloud from my console directly; the GCF deploys fine. Ie. This works:
$> gcloud functions deploy UpdateMemberMetrics --trigger-topic $TOPIC --runtime go113 --env-vars-file ./cloudfunctions.yaml)

Would be grateful for any help/advice. Thank you! 🙏

Error: Unable to find source_dir

I am trying to get source_dir value working, here is my code structure.

├── .github
│   └── workflows
│       └── main.yml
├── .gitignore
├── LICENSE
├── README.md
└── src
    ├── main.py
    └── requirements.txt

jobs:
  Deploy:
    runs-on: ubuntu-latest
    steps:
    - id: Deploy

      uses: google-github-actions/deploy-cloud-functions@main
      with:
        name: RvsAirtable
        runtime: python38
        source_dir: src

how does this variable work?

Files with filenames starting with a dot is not deployed

TL;DR

Files with filenames starting with a dot (e.g. .npmrc) is not deployed.

Expected behavior
Deployed like any other file.

.npmrc is required to install private node modules.
https://cloud.google.com/functions/docs/writing/specifying-dependencies-nodejs#using_private_modules

Observed behavior
The deply action succeeds, but fails to build functions because the file is not uploaded.

Reproduction

Action YAML

on: workflow_dispatch

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - name: Add npm credential
        run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.TOKEN }}" >> .npmrc

      - id: deploy
        uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: *********************
          runtime: nodejs14
          region: asia-northeast1
          credentials: ${{ secrets.CREDENTIALS }}
          event_trigger_type: google.pubsub.topic.publish
          event_trigger_resource: ************************

Service account mix up in docs? Compute App vs. Compute Engine

Question

Is it possible, that the documentation/README is incorrect in specifying that the created service account should be added as a member to the "Compute Engine default service account"? And that instead it should be added as a member to the "App Engine default service Account"? At least that's how it works for me, and that's also the guidance I am getting from the job logs:

Error: Missing necessary permission iam.serviceAccounts.actAs for $MEMBER on the service account [email protected].

In my project [email protected] is the App engine default service account, whereas the Compute engine one is called [email protected].

...raising this as a question, as it seems so obvious that I am suspecting I am doing something wrong.

Support for trigger_topic in cloud functions?

Question

Hello!
I see that the deploy cloud function action there is no trigger_topic parameter. Since it's the recommended way to have the cloud function triggered by pub-subs, are you going to add it any time soon?

I see you're working right now on this, so I didn't want to open a feature request just yet 🙂

Passing the field: `min_instances` does not get applied to the cloud function

TL;DR

Passing a min_instances of 1 does not modify the actual min instances of the cloud function.

Below step will not work:

    - id: 'deploy'
      uses: 'google-github-actions/deploy-cloud-functions@v0'
      with:
        name: 'my-function'
        runtime: 'nodejs12'
        min_instances: 1

It seems the root of this issue is that the Cloud Functions API does not have a minInstances defined in its spec: https://cloud.google.com/functions/docs/reference/rest/v1/projects.locations.functions#CloudFunction

Expected behavior

Correctly set the min_instances of the cloud function

Observed behavior

min_instances for the cloud function was set to 0

Action YAML

name: "Cloud Functions Deploy"

on:
  push:
    branches: [develop]
    paths:
      - functions/**

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        function:
          - test1

        include:
          - function: test1
            name: test1
            entry_point: test1
            min_instances: 1

    steps:
      - uses: actions/checkout@v2

      - name: install node v14
        uses: actions/setup-node@v1
        with:
          node-version: 14

      - name: yarn install
        run: yarn install

      - name: Typescript compiler
        run: yarn functions build

      - name: Setup GCP Service Account
        uses: google-github-actions/[email protected]
        with:
          credentials_json: ${{secrets.GOOGLE_CLOUD_GITHUB_SERVICE_ACCOUNT}}

      - uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: ${{matrix.name}}
          event_trigger_type: ${{matrix.event_trigger_type}}
          event_trigger_resource: ${{matrix.event_trigger_resource}}
          entry_point: ${{matrix.entry_point}}
          runtime: nodejs14
          region: us-east4
          min_instances: ${{matrix.min_instances}}

Additional information

No response

How can I deploy all my functions?

Question

You have to pass the parameter name. This is the name of a Cloud Function. But I don't want to deploy 1 Cloud Function, I want to deploy all my functions. How can I do this?

Action fails to upload source to bucket, function deployment silently fails.

TL;DR

The action intermittently breaks the function deployment by failing to upload the source code.

Expected behavior

To work reliably.

Observed behavior

Sometimes the action fails to upload the zip file to the Cloud Storage bucket. The function deployment then fails with the following message:

Build failed: could not resolve storage source: googleapi: Error 404: No such object: gcf-sources-856243217562-europe-west3/function-9c18cebc-b919-4ef3-bf9f-edfde82cf6cd/version-25/function-source.zip, notFound

Reproduction

I tried to isolate the behaviour and to consistently reproduce it, but failed. Initially I thought it would happen, when re-running jobs from the jobs overview in the Github UI or when the commit's message is the same as the previous commit's message. But now it just happened 3 times back to back with "normal" commits, and then stopped happening on a 4th "normal" commit. Almost feels like a caching bug ...fleeting.

So I gave up. As everything I changed in-between commits was to increment a commented number in the .yaml, I really don't know what's happening here. The action always pretends to have been successful and doesn't show any errors, no matter what. The only give-away in the Github UI and the job's logs is that the action only takes a couple of seconds, if the bug happens, but considerably longer, if it does not.

During the build we pull private packages from Github and the repo is a lerna-managed mono-repo (see "source_dir"). Apart from that I can't think of anything "special" about our setup.

Action YAML

      - name: Deploy Cloud Function
        uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: function
          runtime: nodejs12
          region: europe-west3
          source_dir: packages/function-package
          entry_point: function

Screenshots

Add ingress-settings option

TL;DR

I want to deploy a CloudFunction that only allow ingress connection from internal or GLB --ingress-settings internal-and-gclb . But we don't have ingress-settings option.

Design

It would be nice if we add ingress-settings option

https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--ingress-settings

Thank you!

Successful Github Action, but deploy failed.

No URL set. Only HttpsTrigger Cloud Functions have URL.

I think it would be helpful if the deploy failed (exit > 0) if an error is detected?

Empty env_vars removes all existing env_vars

TL;DR

Passing an empty env_vars removes all existing environment variables and leaves you with a GCF with no environment variables. Is this intentional? If it is, I think that should be made more clear in the readme.

Expected behavior
Leaving existing variables in place.

Observed behavior
Environment variables removed.

Can't set GOOGLE_FUNCTION_SOURCE

TL;DR

I'm trying to specify the python file that the function belongs to by setting GOOGLE_FUNCTION_SOURCE, but cannot figure out how to properly set it in the yaml file.

Expected behavior

GOOGLE_FUNCTION_SOURCE should be able to be set from within the yaml file

Observed behavior

Error: google-github-actions/deploy-cloud-functions failed with: operation failed: Build failed: missing main.py and GOOGLE_FUNCTION_SOURCE not specified. Either create the function in main.py or specify GOOGLE_FUNCTION_SOURCE to point to the file that contains the function; Error ID: 5c04ec9c

Action YAML

name: Build

on:
  push:
    branches:
    - master
  pull_request:
    branches:
    - master

jobs:
  api_metadata_ingestion:
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/checkout@v2
      - id: auth
        name: Authenticate
        uses: google-github-actions/auth@v0
        with:
          credentials_json: ${{ secrets.GCP_CREDENTIALS }}
      - id: deploy
        name: Deploy
        uses: google-github-actions/deploy-cloud-functions@v0
        # also tried
        # env:
        #   GOOGLE_FUNCTION_SOURCE: api_metadata_ingestion.py
        with:
          name: sld-api-ingestion
          region: us-central1
          service_account_email: [email protected]
          event_trigger_type: google.pubsub.topic.publish
          event_trigger_resource: projects/uat/topics/ingest_new_sdn_metadata
          event_trigger_service: pubsub.googleapis.com
          env_vars: GOOGLE_FUNCTION_SOURCE=api_metadata_ingestion.py
          # also tried
          # build_environment_variables: GOOGLE_FUNCTION_SOURCE=api_metadata_ingestion.py
          memory_mb: 1024MB
          timeout: 540
          runtime: python38
          entry_point: sld_api_ingestion

Log output

2022-02-05T02:14:40.8308840Z Requested labels: ubuntu-20.04
2022-02-05T02:14:40.8309036Z Job defined at: caffeinatedMike/sld/.github/workflows/build.yml@refs/heads/master
2022-02-05T02:14:40.8309068Z Waiting for a runner to pick up this job...
2022-02-05T02:14:41.4210167Z Job is waiting for a hosted runner to come online.
2022-02-05T02:14:45.0348668Z Job is about to start running on the hosted runner: GitHub Actions 3 (hosted)
2022-02-05T02:14:48.4421378Z Current runner version: '2.287.1'
2022-02-05T02:14:48.4448215Z ##[group]Operating System
2022-02-05T02:14:48.4448906Z Ubuntu
2022-02-05T02:14:48.4449454Z 20.04.3
2022-02-05T02:14:48.4449885Z LTS
2022-02-05T02:14:48.4450336Z ##[endgroup]
2022-02-05T02:14:48.4450858Z ##[group]Virtual Environment
2022-02-05T02:14:48.4451389Z Environment: ubuntu-20.04
2022-02-05T02:14:48.4451890Z Version: 20220131.1
2022-02-05T02:14:48.4452650Z Included Software: https://github.com/actions/virtual-environments/blob/ubuntu20/20220131.1/images/linux/Ubuntu2004-Readme.md
2022-02-05T02:14:48.4453546Z Image Release: https://github.com/actions/virtual-environments/releases/tag/ubuntu20%2F20220131.1
2022-02-05T02:14:48.4454208Z ##[endgroup]
2022-02-05T02:14:48.4454724Z ##[group]Virtual Environment Provisioner
2022-02-05T02:14:48.4455262Z 1.0.0.0-main-20220201-1
2022-02-05T02:14:48.4455709Z ##[endgroup]
2022-02-05T02:14:48.4457195Z ##[group]GITHUB_TOKEN Permissions
2022-02-05T02:14:48.4458064Z Actions: write
2022-02-05T02:14:48.4458697Z Checks: write
2022-02-05T02:14:48.4459204Z Contents: write
2022-02-05T02:14:48.4459718Z Deployments: write
2022-02-05T02:14:48.4460202Z Discussions: write
2022-02-05T02:14:48.4460703Z Issues: write
2022-02-05T02:14:48.4461166Z Metadata: read
2022-02-05T02:14:48.4461629Z Packages: write
2022-02-05T02:14:48.4462128Z Pages: write
2022-02-05T02:14:48.4462593Z PullRequests: write
2022-02-05T02:14:48.4463127Z RepositoryProjects: write
2022-02-05T02:14:48.4463654Z SecurityEvents: write
2022-02-05T02:14:48.4464095Z Statuses: write
2022-02-05T02:14:48.4464595Z ##[endgroup]
2022-02-05T02:14:48.4468415Z Secret source: Actions
2022-02-05T02:14:48.4469073Z Prepare workflow directory
2022-02-05T02:14:48.5297241Z Prepare all required actions
2022-02-05T02:14:48.5481223Z Getting action download info
2022-02-05T02:14:48.7673601Z Download action repository 'actions/checkout@v2' (SHA:ec3a7ce113134d7a93b817d10a8272cb61118579)
2022-02-05T02:14:49.7046012Z Download action repository 'google-github-actions/auth@v0' (SHA:8d125895b958610ec414ca4dae010257eaa814d3)
2022-02-05T02:14:50.4636111Z Download action repository 'google-github-actions/deploy-cloud-functions@v0' (SHA:1ad4c7dc8a1547f26f79f0c2df74110f95bfd7c8)
2022-02-05T02:14:51.4594043Z ##[group]Run actions/checkout@v2
2022-02-05T02:14:51.4594449Z with:
2022-02-05T02:14:51.4594801Z   repository: caffeinatedMike/sld
2022-02-05T02:14:51.4595399Z   token: ***
2022-02-05T02:14:51.4595704Z   ssh-strict: true
2022-02-05T02:14:51.4596038Z   persist-credentials: true
2022-02-05T02:14:51.4596363Z   clean: true
2022-02-05T02:14:51.4596663Z   fetch-depth: 1
2022-02-05T02:14:51.4596949Z   lfs: false
2022-02-05T02:14:51.4597245Z   submodules: false
2022-02-05T02:14:51.4597561Z ##[endgroup]
2022-02-05T02:14:51.6982097Z Syncing repository: caffeinatedMike/sld
2022-02-05T02:14:51.6984075Z ##[group]Getting Git version info
2022-02-05T02:14:51.6984675Z Working directory is '/home/runner/work/sld/sld'
2022-02-05T02:14:51.6985352Z [command]/usr/bin/git version
2022-02-05T02:14:51.7072172Z git version 2.35.1
2022-02-05T02:14:51.7091785Z ##[endgroup]
2022-02-05T02:14:51.7098154Z Deleting the contents of '/home/runner/work/sld/sld'
2022-02-05T02:14:51.7114850Z ##[group]Initializing the repository
2022-02-05T02:14:51.7115437Z [command]/usr/bin/git init /home/runner/work/sld/sld
2022-02-05T02:14:51.7166875Z hint: Using 'master' as the name for the initial branch. This default branch name
2022-02-05T02:14:51.7167448Z hint: is subject to change. To configure the initial branch name to use in all
2022-02-05T02:14:51.7167982Z hint: of your new repositories, which will suppress this warning, call:
2022-02-05T02:14:51.7168374Z hint: 
2022-02-05T02:14:51.7168832Z hint: 	git config --global init.defaultBranch <name>
2022-02-05T02:14:51.7169204Z hint: 
2022-02-05T02:14:51.7169662Z hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
2022-02-05T02:14:51.7170276Z hint: 'development'. The just-created branch can be renamed via this command:
2022-02-05T02:14:51.7170971Z hint: 
2022-02-05T02:14:51.7171327Z hint: 	git branch -m <name>
2022-02-05T02:14:51.7175427Z Initialized empty Git repository in /home/runner/work/sld/sld/.git/
2022-02-05T02:14:51.7186919Z [command]/usr/bin/git remote add origin https://github.com/caffeinatedMike/sld
2022-02-05T02:14:51.7230138Z ##[endgroup]
2022-02-05T02:14:51.7231094Z ##[group]Disabling automatic garbage collection
2022-02-05T02:14:51.7234232Z [command]/usr/bin/git config --local gc.auto 0
2022-02-05T02:14:51.7272755Z ##[endgroup]
2022-02-05T02:14:51.7331128Z ##[group]Setting up auth
2022-02-05T02:14:51.7331792Z [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
2022-02-05T02:14:51.7332675Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :
2022-02-05T02:14:51.7655816Z [command]/usr/bin/git config --local --name-only --get-regexp http\.https\:\/\/github\.com\/\.extraheader
2022-02-05T02:14:51.7689561Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'http\.https\:\/\/github\.com\/\.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :
2022-02-05T02:14:51.7947017Z [command]/usr/bin/git config --local http.https://github.com/.extraheader AUTHORIZATION: basic ***
2022-02-05T02:14:51.7987412Z ##[endgroup]
2022-02-05T02:14:51.7988381Z ##[group]Fetching the repository
2022-02-05T02:14:51.7995543Z [command]/usr/bin/git -c protocol.version=2 fetch --no-tags --prune --progress --no-recurse-submodules --depth=1 origin +262acbb7ace993dedb4a47fee738856304e92bb9:refs/remotes/origin/master
2022-02-05T02:14:52.2648427Z remote: Enumerating objects: 10, done.        
2022-02-05T02:14:52.2650158Z remote: Counting objects:  10% (1/10)        
2022-02-05T02:14:52.2651214Z remote: Counting objects:  20% (2/10)        
2022-02-05T02:14:52.2651706Z remote: Counting objects:  30% (3/10)        
2022-02-05T02:14:52.2652171Z remote: Counting objects:  40% (4/10)        
2022-02-05T02:14:52.2652599Z remote: Counting objects:  50% (5/10)        
2022-02-05T02:14:52.2653278Z remote: Counting objects:  60% (6/10)        
2022-02-05T02:14:52.2653736Z remote: Counting objects:  70% (7/10)        
2022-02-05T02:14:52.2654149Z remote: Counting objects:  80% (8/10)        
2022-02-05T02:14:52.2654577Z remote: Counting objects:  90% (9/10)        
2022-02-05T02:14:52.2655014Z remote: Counting objects: 100% (10/10)        
2022-02-05T02:14:52.2655464Z remote: Counting objects: 100% (10/10), done.        
2022-02-05T02:14:52.2655931Z remote: Compressing objects:  14% (1/7)        
2022-02-05T02:14:52.2656383Z remote: Compressing objects:  28% (2/7)        
2022-02-05T02:14:52.2656821Z remote: Compressing objects:  42% (3/7)        
2022-02-05T02:14:52.2657252Z remote: Compressing objects:  57% (4/7)        
2022-02-05T02:14:52.2657679Z remote: Compressing objects:  71% (5/7)        
2022-02-05T02:14:52.2658106Z remote: Compressing objects:  85% (6/7)        
2022-02-05T02:14:52.2658537Z remote: Compressing objects: 100% (7/7)        
2022-02-05T02:14:52.2658981Z remote: Compressing objects: 100% (7/7), done.        
2022-02-05T02:14:52.3167118Z remote: Total 10 (delta 0), reused 8 (delta 0), pack-reused 0        
2022-02-05T02:14:52.3232883Z From https://github.com/caffeinatedMike/sld
2022-02-05T02:14:52.3234027Z  * [new ref]         262acbb7ace993dedb4a47fee738856304e92bb9 -> origin/master
2022-02-05T02:14:52.3259534Z ##[endgroup]
2022-02-05T02:14:52.3260498Z ##[group]Determining the checkout info
2022-02-05T02:14:52.3261496Z ##[endgroup]
2022-02-05T02:14:52.3262169Z ##[group]Checking out the ref
2022-02-05T02:14:52.3266134Z [command]/usr/bin/git checkout --progress --force -B master refs/remotes/origin/master
2022-02-05T02:14:52.3321726Z Reset branch 'master'
2022-02-05T02:14:52.3322590Z branch 'master' set up to track 'origin/master'.
2022-02-05T02:14:52.3328986Z ##[endgroup]
2022-02-05T02:14:52.3368613Z [command]/usr/bin/git log -1 --format='%H'
2022-02-05T02:14:52.3395905Z '262acbb7ace993dedb4a47fee738856304e92bb9'
2022-02-05T02:14:52.3622610Z ##[group]Run google-github-actions/auth@v0
2022-02-05T02:14:52.3623133Z with:
2022-02-05T02:14:52.3628296Z   credentials_json: ***
2022-02-05T02:14:52.3628792Z   create_credentials_file: true
2022-02-05T02:14:52.3629201Z   cleanup_credentials: true
2022-02-05T02:14:52.3629650Z   access_token_lifetime: 3600s
2022-02-05T02:14:52.3630236Z   access_token_scopes: https://www.googleapis.com/auth/cloud-platform
2022-02-05T02:14:52.3630780Z   id_token_include_email: false
2022-02-05T02:14:52.3631212Z ##[endgroup]
2022-02-05T02:14:52.5278734Z Created credentials file at "/home/runner/work/sld/sld/gha-creds-f5cb724569460c3a.json"
2022-02-05T02:14:52.5279139Z 
2022-02-05T02:14:52.5298968Z 
2022-02-05T02:14:52.5537821Z ##[group]Run google-github-actions/deploy-cloud-functions@v0
2022-02-05T02:14:52.5538227Z with:
2022-02-05T02:14:52.5538566Z   name: spins-sld-api-ingestion
2022-02-05T02:14:52.5538918Z   region: us-central1
2022-02-05T02:14:52.5539309Z   service_account_email: [email protected]
2022-02-05T02:14:52.5539785Z   event_trigger_type: google.pubsub.topic.publish
2022-02-05T02:14:52.5540265Z   event_trigger_resource: projects/uat/topics/ingest_new_sdn_metadata
2022-02-05T02:14:52.5540729Z   event_trigger_service: pubsub.googleapis.com
2022-02-05T02:14:52.5541080Z   memory_mb: 1024MB
2022-02-05T02:14:52.5541377Z   timeout: 540
2022-02-05T02:14:52.5541666Z   runtime: python38
2022-02-05T02:14:52.5542039Z   env_vars: GOOGLE_FUNCTION_SOURCE=api_metadata_ingestion.py
2022-02-05T02:14:52.5542445Z   entry_point: sld_api_ingestion
2022-02-05T02:14:52.5542775Z   source_dir: ./
2022-02-05T02:14:52.5543173Z   https_trigger_security_level: security_level_unspecified
2022-02-05T02:14:52.5543564Z   event_trigger_retry: false
2022-02-05T02:14:52.5543886Z   deploy_timeout: 300
2022-02-05T02:14:52.5544188Z env:
2022-02-05T02:14:52.5544641Z   CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE: /home/runner/work/sld/sld/gha-creds-f5cb724569460c3a.json
2022-02-05T02:14:52.5545265Z   GOOGLE_APPLICATION_CREDENTIALS: /home/runner/work/sld/sld/gha-creds-f5cb724569460c3a.json
2022-02-05T02:14:52.5545832Z   GOOGLE_GHA_CREDS_PATH: /home/runner/work/sld/sld/gha-creds-f5cb724569460c3a.json
2022-02-05T02:14:52.5546259Z   CLOUDSDK_PROJECT: uat
2022-02-05T02:14:52.5546618Z   CLOUDSDK_CORE_PROJECT: uat
2022-02-05T02:14:52.5546954Z   GCP_PROJECT: uat
2022-02-05T02:14:52.5547289Z   GCLOUD_PROJECT: uat
2022-02-05T02:14:52.5547634Z   GOOGLE_CLOUD_PROJECT: uat
2022-02-05T02:14:52.5547963Z ##[endgroup]
2022-02-05T02:14:52.6793615Z Extracted project ID 'uat' from $GCLOUD_PROJECT
2022-02-05T02:14:52.8135898Z Created zip file from './' at '/tmp/cfsrc-2d7a4b3fe6a390b55a57a198.zip'
2022-02-05T02:14:54.0795852Z Creating new Cloud Function revision
2022-02-05T02:14:54.5027451Z Deploying Cloud Function
2022-02-05T02:14:59.7182732Z Still deploying Cloud Function (1/n)
2022-02-05T02:15:04.8941531Z Still deploying Cloud Function (2/n)
2022-02-05T02:15:10.0724905Z Still deploying Cloud Function (3/n)
2022-02-05T02:15:15.3039471Z Still deploying Cloud Function (4/n)
2022-02-05T02:15:20.5241038Z Still deploying Cloud Function (5/n)
2022-02-05T02:15:25.8597518Z Still deploying Cloud Function (6/n)
2022-02-05T02:15:31.0452739Z Still deploying Cloud Function (7/n)
2022-02-05T02:15:31.4274558Z ##[error]google-github-actions/deploy-cloud-functions failed with: operation failed: Build failed: missing main.py and GOOGLE_FUNCTION_SOURCE not specified. Either create the function in main.py or specify GOOGLE_FUNCTION_SOURCE to point to the file that contains the function; Error ID: 5c04ec9c
2022-02-05T02:15:31.4377754Z Post job cleanup.
2022-02-05T02:15:31.4987210Z Removed exported credentials at "/home/runner/work/sld/sld/gha-creds-f5cb724569460c3a.json".
2022-02-05T02:15:31.5092335Z Post job cleanup.
2022-02-05T02:15:31.6235172Z [command]/usr/bin/git version
2022-02-05T02:15:31.6277524Z git version 2.35.1
2022-02-05T02:15:31.6308910Z [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
2022-02-05T02:15:31.6344204Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :
2022-02-05T02:15:31.6570286Z [command]/usr/bin/git config --local --name-only --get-regexp http\.https\:\/\/github\.com\/\.extraheader
2022-02-05T02:15:31.6596461Z http.https://github.com/.extraheader
2022-02-05T02:15:31.6615462Z [command]/usr/bin/git config --local --unset-all http.https://github.com/.extraheader
2022-02-05T02:15:31.6645975Z [command]/usr/bin/git submodule foreach --recursive git config --local --name-only --get-regexp 'http\.https\:\/\/github\.com\/\.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :
2022-02-05T02:15:31.7088991Z Cleaning up orphan processes



### Additional information

_No response_

client_email is undefined error after using Workload Identity Provider auth

TL;DR

After following steps in README to deploy using workload identity provider auth, I am getting an error on the deploy step stating "The incoming JSON object does not contain a client_email field"

Expected behavior
Deploy would work and not error complaining about JSON auth object.

Observed behavior
Got the error described above.

Output:

Run google-github-actions/[email protected]

# Prints environment info

Setting project Id from $GCLOUD_PROJECT
Error: The incoming JSON object does not contain a client_email field

Reproduction

Action YAML

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest

    # Add "id-token" with the intended permissions.
    permissions:
      contents: "read"
      id-token: "write"

    steps:
      - uses: actions/checkout@v2
      - id: auth
        name: "Authenticate to Google Cloud"
        uses: "google-github-actions/[email protected]"
        with:
          workload_identity_provider: "projects/{projectId}/locations/global/workloadIdentityPools/{my-pool}/providers/{my-provider}"
          service_account: "{service-account-email}"
      - id: deploy
        uses: google-github-actions/[email protected]
        with:
          name: ${{ env.CLOUD_FN_NAME }}
          runtime: ${{ env.CLOUD_FN_RUNTIME }}

Additional information
To setup the workload identity provider used in the google-github-actions/[email protected] step, I followed the instructions listed here exactly: https://github.com/google-github-actions/auth#setting-up-workload-identity-federation

Service Account mix-up in docs?

Question

Error: Missing necessary permission iam.serviceAccounts.actAs for $MEMBER on the service account [email protected].

In my project [email protected] is the App engine default service account, whereas the Compute engine one is called [email protected].

...raising this as a question, as it seems so obvious that I am suspecting I am doing something wrong.

Zipfile created but not found

TL;DR

My google cloud function deployment gives an error on finding the generated zip-file. In the error message, it refers to a path which is not matching the created zip file.

Expected behavior

I would expect that the zipped file would have been found and sent to the google cloud functions api.

Observed behavior

First, the creation of the zipfile is logged:

Created zip file from './' at '/tmp/cfsrc-fe01cc8fcadfea8e32b25ac5.zip'

After that, I get the following error message (note the difference in the paths):

Error: google-github-actions/deploy-cloud-functions failed with: failed to upload zip file: The file at /home/runner/work/Altilium.Core/Altilium.Core/4c3724d897b81ccdb8c0296e does not exist, or it is not a file. ENOENT: no such file or directory, lstat '/home/runner/work/Altilium.Core/Altilium.Core/4c3724d897b81ccdb8c0296e'

Action YAML

name: CloudDeploy

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
    deploy:
        name: Deploy to GCloud
        runs-on: ubuntu-latest
        permissions:
          contents: 'read'
          id-token: 'write'
          
        steps:
        - name: Authenticate
          uses: google-github-actions/auth@v0
          with:
            credentials_json: ${{ secrets.GCP_CREDENTIALS }}
            service_account: ${{ secrets.GCP_EMAIL }}

        - name: Checkout repository
          uses: actions/checkout@v2
        
        - name: Deploy
          uses: 'google-github-actions/deploy-cloud-functions@v0'
          continue-on-error: true
          with:
            name: 'altilium-api'
            runtime: 'python39'
            region: 'europe-west1'
            entry_point: 'run_api.py'
            
        - name: Debug output of zip path
          run: 'ls /tmp'
          
        - name: Debug output of missing path
          run: 'ls /home/runner/work/Altilium.Core/Altilium.Core'

        # Example of using the output
        - id: 'test'
          run: 'curl "${{ steps.deploy.outputs.url }}"'

Additional information

I am quite new to all this, so if the bug is in my YAML, please say so.

I checked if the ZIP-file was created, and it was.

I tried to trace what's happening in the code. As far as I can see, the error can only originate from here. But I don't understand why fs.createReadStream would stat a file in the current directory when given a zip file with an absolute path.

deploy-cloud-functions reports error when deploying function with Pub/Sub event trigger

TL;DR

When using deploy-cloud-functions to deploy a function with a Pub/Sub event trigger the github action fails with Error: Cannot read property 'url' of undefined. Although an error is shown the function deploys correctly.

Expected behavior

The action should report a success.

Observed behavior

Run google-github-actions/[email protected]
Creating a function revision
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Updating function deployment
Function deployment updated
**Error: Cannot read property 'url' of undefined**

Action YAML

# This is a basic workflow to help you get started with Actions

name: CI

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the master branch
  push:
    branches: [ master ]
    
env:
  PROJECT: ${{ secrets.PROJECT_ID }}

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "build"
  build:
    # The type of runner that the job will run on
    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v2
          
      - name: deploy cloud function
        id: deploy-background-function
        uses: google-github-actions/[email protected]
        with:
          name: helloWorld
          runtime: python38
          project_id: ${{ env.PROJECT }}
          credentials: ${{ secrets.GCP_CREDENTIALS }}
          entry_point: helloWorld
          source_dir: src
          event_trigger_type: providers/cloud.pubsub/eventTypes/topic.publish
          event_trigger_resource: projects/${{ secrets.PROJECT_ID }}/topics/${{ secrets.topic_ID }}

Log output

No response

Additional information

No response

Build overrides for displaying a Version indicator

TL;DR

I need to know what version of the function is running for --runtime go113

I need to be able to do something like:

CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags -X main.Version=$(git describe --always) -o server *.go

Action fails even though gcloud equivalent succeeds

TL;DR

I get the following message which isn't overly helpful:
Error: The request has errors

Observed behavior

Run google-github-actions/deploy-cloud-functions@main
  with:
    credentials: ***
  
    name: function-name
    runtime: python38
    region: us-west2
Setting project Id from credentials
zip file /tmp/cfsrc-99289.zip created successfully
function source zipfile created: 22486 bytes
zip file /tmp/cfsrc-99289.zip uploaded successfully
Creating a function revision
Error: The request has errors

Reproduction

Action YAML

on:
  push:
    branches:
      - master

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - id: deploy
      uses: google-github-actions/deploy-cloud-functions@main
      with:
        credentials: ${{ secrets.GCP_SA_KEY }}
        name: function-name
        runtime: python38
        region: us-west2

In searching through GCP logs I found this, not sure if something is parsing serviceAccountKeyName improperly??

{
  "protoPayload": {
    "@type": "type.googleapis.com/google.cloud.audit.AuditLog",
    "status": {
      "code": 3,
      "message": "The request has errors"
    },
    "authenticationInfo": {
      "principalEmail": "[email protected]",
      "serviceAccountKeyName": "//iam.googleapis.com/projects/REDACTED/serviceAccounts/[email protected]/keys/REDACTED"
    }

envVars fails when the value has '=' querystring

TL;DR

When i have a env variable whit querystrings like this one MONGO_URL=mongodb+srv://<user>:<pass>@cluster0.xxx.mongodb.net/hubspotTaskCreator?retryWrites=true&w=majority fails because the split here

Expected behavior
Should cut the string only using the first '=', pair.substring(pair.indexOf('=')+1)

Observed behavior
Right now the result value is this one mongodb+srv://<user>:<pass>@cluster0.xxx.mongodb.net/hubspotTaskCreator?retryWrites

Avoiding manual secret variable reset upon deployment

TL;DR

For a specific reason, I need to set a secret env variable on a cloud function, manually. But when I deploy the new code of the function via a github action, my manually set env variables are removed.
How to ignore those variable to let them as is?

Expected behavior

Manually set env variable to be preserved even after an automated deployment

Observed behavior

Manually set secret env variable are removed after the run of the github actions

Action YAML

- name: Deploy sendEmail
      uses: google-github-actions/deploy-cloud-functions@main
      with:
        name: sendEmailNotification
        runtime: python39
        entry_point: sendEmailNotification
        region: europe-west1

Additional information

I didn't find any info in the doc about this behavior, it's specified for env variable but not secret variables

How do you set gcp_credentials?

Question

Say I download the service account details JSON, how do I use it to set gcp_credentials?

[
  "auth_provider_x509_cert_url",
  "auth_uri",
  "client_email",
  "client_id",
  "client_x509_cert_url",
  "private_key",
  "private_key_id",
  "project_id",
  "token_uri",
  "type"
]

Reuse a zip to deploy all functions

TL;DR

Nowadays, it's necessary to create an action for each function deployment.

It'll be good to have a way to reuse a created zip to deploy other functions inside the same cicle.

Design

Action YAML

A way to pass all functions to be deployed could be very useful

Like:

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - id: deploy-reusing-zip
      uses: google-github-actions/deploy-cloud-functions@main
      with:
        name: do_another_stuff,another_function,third_function
        runtime: python38
        credentials: ${{ secrets.GCP_CREDENTIALS }}
        region: us-east1

Expose timeout as an action parameter

TL;DR

Despite increasing timeout from 200 to 300 seconds in #46, I'm still seeing many timeouts: https://github.com/k0swe/forester-func/actions/workflows/deploy.yml. Let's please expose timeout as an input as suggested in #46 (review). It would be ideal if this were a friendly timespec (10m instead of 600 with implied units) but that's more work.

Design

Action YAML

      - name: Cloud Functions Deploy ImportQrz
        uses: google-github-actions/deploy-cloud-functions@main
        with:
          name: ImportQrz
          entry_point: ImportQrz
          runtime: go113
          env_vars: GCP_PROJECT=k0swe-kellog
          deploy_timeout: 600

Resources
#45 and #46

Resolve symlinks when zip:ing sourceDir

TL;DR

Symlinks provides an easy to construct a sourceDir that that references select parts of a larger repository.

Design

If one wants to share code among a couple of cloud functions in a repo, then symlinking in a shared folder would be an easy way to achieve that.

References

#36: An opt out approach to assuring the right content gets uploaded rather than this opt in approach. (And #65 which fixes that I one and might make this one easier to solve)

Add env_vars_file option

TL;DR

It does not seem possible to generate environment values dynamically to pass into the env_vars input.

A great improvement would be to make this possible by either supporting the use of a YAML config file like the gcloud CLI does, and/or supporting using GitHub Actions' set-output to pass a dynamic string in KEY=VALUE,KEY2=VALUE2 format.

Design

Action YAML

New env_vars_file input.

FIREBASE_CONFIG environment variable

How do i set FIREBASE_CONFIG environment variable for my python function

I am not able to set the FIREBASE_CONFIG environment variable using the KEY1=VALUE syntax using env_var arguments of the google-github-actions/deploy-cloud-functions@main action.
I get the below error

Env Vars must be in "KEY1=VALUE1,KEY2=VALUE2" format, received "databaseURL":"https://.firebaseio.com"

Please add support for security-level flag

TL;DR

Please add support for the GCP cloud functions deploy --security-level parameter.

Detailed design

Per the docs:
https://cloud.google.com/sdk/gcloud/reference/functions/deploy

--security-level=SECURITY_LEVEL; default="secure-always"
Security level controls whether a function's URL supports HTTPS only or both HTTP and HTTPS. By default, secure-always will be used, meaning only HTTPS is supported. SECURITY_LEVEL must be one of: secure-always, secure-optional.

Additional information

This would be convenient for deploying HTTPS functions. Currently, it is necessary to manually edit the function from the console after deploy to enable HTTPS only.

Merge `envVars` and `envVarsFile` if both are set

I have a scenario I store secrets in Github (e.g. PASSWORD, API_KEY), while I also have some non-secret environment variables I'd like to set per environment (e.g. prod.yaml and staging.yaml).

I have two separate workflows - one for Staging and one for Production where I am referring to the Github secrets. For example:

    with:
          name: my-func
          runtime: nodejs12
          entry_point: index
          source_dir: ./functions/build/src
          env_vars: PASSWORD=${{ secrets.PASSWORD }},API_KEY=${{ secrets.API_KEY }}

Since I can't mix and match env_vars and env_vars_file, I'd probably have to combine the variables from secrets and the file and then pass them in either as a file or separately.

It would be useful if there was an option that allows us to set both env_vars and env_vars_file and merge the values here.

In a case where a secret would overwrite the value in an env file (or vice-versa), the action would throw an exception.

`region` optional argument in deploy cloud function inputs

TL;DR

Remove region in deploy-cloud-functions inputs

Expected behavior
According to the current documentation, the region might be given to the cloud function inputs.
Maybe the documentation is not up-to-date.

Observed behavior
The github action failed if the region optional parameter is provided.
Here is the github action error log:

Unexpected input(s) 'region', valid inputs are ['credentials', 'name', 'description', 'project_id', 'source_dir', 'env_vars', 'entry_point', 'runtime', 'vpc_connector', 'service_account_email', 'timeout', 'max_instances', 'event_trigger_type', 'event_trigger_resource', 'event_trigger_service']

Reproduction

Action YAML

name: Deploy to Google Cloud Function

on:
  # Trigger the workflow on push,
  # but only for the main branch
  push:
    branches:
      - main

# Environment variables available to all jobs and steps in this workflow
env:
  GC_PROJECT: ${{ secrets.GC_PROJECT }}
  GC_KEY: ${{ secrets.GC_KEY }}

jobs:
  setup-deploy:
    name: oush
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      # Setup gcloud CLI
      - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
        with:
          version: "290.0.1"
          project_id: ${{ secrets.GC_PROJECT }}
          service_account_key: ${{ secrets.GC_KEY }}

      - id: deploy
        uses: GoogleCloudPlatform/github-actions/deploy-cloud-functions@master
        with:
          name: hello_world
          runtime: python38
          entry_point: hello_world_function
          region: northamerica-northeast1
          timeout: 540
          event_trigger_type: google.storage.object.finalize
          event_trigger_resource: hello_world_bucket

How to pass in a JSON variable into env_vars

Question

I'm trying to pass in a JSON variable into env_vars but ending up with issues parsing the commas, as parseEnvVars thinks those are separate environment variables and hence looks for = without finding it.

Should we minify compiled javascript?

The currently-compiled javascript is 18mb:

du -h dist/index.js
18M	dist/index.js

Running ncc with -m takes longer, but reduces the size by about 66%:

du -h dist/index.js
6.6M	dist/index.js

Error during the deployment but the GA pass

TL;DR

When I'm trying to publish a cloud function trigger by HTTP request, the GitHub Actions pass but the cloud function isn't updated on GCP/FirebasE.

Expected behavior

If there is any error during the deployment, the GA shouldn't pass and give me information to know how to fix the deployment.

Observed behavior

Give this output in the log of the GitHub Action:

Function deployment updated
No URL set. Only HttpsTrigger Cloud Functions have URL.

Reproduction

Action YAML

name: Deploy

on:
  push:
    branches:
      - main

jobs:
  deploy-functions:
    runs-on: latest-ubuntu
    env:
      working-directory: ./functions
    steps:
      - uses: actions/checkout@v2
      - uses: actions/[email protected]
        with:
            node-version: '12'
      - uses: google-github-actions/setup-gcloud@master
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}
          service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }}
          export_default_credentials: true
      - run: npm i -g firebase-tools
      - run: yarn
        working-directory: ${{ env.working-directory }}
      - uses: google-github-actions/[email protected]
        with:
          name: api # here a cloud function trigger by a http request
          runtime: nodejs12
          credentials: ${{ secrets.SERVICE_ACCOUNT_KEY }}
      - uses: google-github-actions/[email protected]
        with:
          name: uploadCourses # here a cloud function trigger by an event on Google Storage
          runtime: nodejs12
          credentials: ${{ secrets.SERVICE_ACCOUNT_KEY }}

Additional information

Maybe linked to #47?

It seems, there is an error in the archive uploaded on GCP.

Deploy uploads corrupt zip

TL;DR

The action appears to not fully upload the zip (it's a corrupt zip - manually extracting gives errors. Viewing the function provides a link to the build errors.

Expected behavior
Function should deploy without errors.

Observed behavior
This fails 3 times and the build fails:

End-of-central-directory signature not found. Either this file is not
a zipfile, or it constitutes one disk of a multi-part archive. In the
latter case the central directory and zipfile comment will be found on
the last disk(s) of this archive.

Downloading the .zip file from the function in console there are errors unzipping locally.

Reproduction

Action YAML
Due to security and repeatability - we only reference versioned external actions. Assuming that is the same as @main.

       - id: actual-deploy
         uses: google-github-actions/[email protected]
         with:
           name: <redacted>
           runtime: nodejs10
           credentials: ${{ secrets.GCP_SA_KEY }}
           entry_point: <redacted>
           timeout: 240

This is a fully working YAML

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: install build
        run: |
          yarn install
          yarn build
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@master
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}
          service_account_key: ${{ secrets.GCP_SA_KEY }}
          export_default_credentials: true
      - name: Deploy Function <redacted>
        run: gcloud functions deploy <redacted> --runtime nodejs10 --trigger-http  --entry-point <redacted> --timeout 240 --set-env-vars CLOUD_SQL_CONNECTION_NAME=${{ secrets.CLOUD_SQL_CONNECTION_NAME }}

Additional information
Nothing atypical. It works with regular gcloud command.

google-github-actions / deploy-cloud-functions Goto Github PK

deploy-cloud-functions's People

Contributors

Stargazers

Watchers

Forkers

deploy-cloud-functions's Issues

TL;DR

Design

TL;DR

Reproduction

TL;DR

Detailed design

Additional information

TL;DR

Reproduction

TL;DR

Design

TL;DR

Expected behavior

Observed behavior

Action YAML

Additional information

TL;DR

Design

Question

TL;DR

Expected behavior

Observed behavior

Action YAML

Additional information

Question

TL;DR

Reproduction

TL;DR

Design

TL;DR

Reproduction

Question

TL;DR

Reproduction

Question

Question

TL;DR

Expected behavior

Observed behavior

Action YAML

Additional information

Question

TL;DR

Reproduction

TL;DR

Design

TL;DR

TL;DR

Expected behavior

Observed behavior

Action YAML

Log output

TL;DR

Reproduction

Question

TL;DR

Expected behavior

Observed behavior

Action YAML

Additional information

TL;DR

Expected behavior

Observed behavior

Action YAML

Log output

Additional information

TL;DR

TL;DR

Reproduction

TL;DR

TL;DR

Expected behavior

Observed behavior